Branch: refs/heads/master
Home: https://github.com/tianocore/edk2
Commit: 82ccaaf8e77fcd461fe06f26b020254226e0f54a
https://github.com/tianocore/edk2/commit/82ccaaf8e77fcd461fe06f26b020254226e0f54a
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmPkg/Drivers/CpuDxe/Arm/Mmu.c
M ArmPkg/Include/Chipset/ArmV7Mmu.h
M ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibConvert.c
M ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c
M ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c
Log Message:
-----------
ArmPkg/ArmMmuLib ARM: Remove half baked large page support
Large page support on 32-bit ARM is essentially a glorified contiguous
bit where 16 consecutive entries describing a contiguous range with the
same attributes are presented in a way that permits the TLB to cache its
translation with a single entry.
This was never wired up completely, and does not add a lot of value in
EFI, where the page granularity is 4k and we expect to be able to set RO
and XP permissions on individual pages.
Given that large page support complicates the handling of the XN bit at
the page level (which is in a different place depending on whether the
page is small or large), let's just rip it out.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: 3b76284883df833170f741c9fb4037579635b7f2
https://github.com/tianocore/edk2/commit/3b76284883df833170f741c9fb4037579635b7f2
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmPkg/Include/Chipset/ArmV7Mmu.h
M ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c
Log Message:
-----------
ArmPkg/ArmMmuLib ARM: Split off XN page descriptor bit from type field
With large page support out of the picture, we can treat bits 1 and 0 of
the page descriptor as individual valid and XN bits, instead of treating
XN as a page type. Doing so aligns the handling of the attribute with
the section descriptor layout, as well as the XN handling on AArch64,
and this is beneficial for maintainability.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: 699372d388a796441d938dba4fdb6525b69ea250
https://github.com/tianocore/edk2/commit/699372d388a796441d938dba4fdb6525b69ea250
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmPkg/Drivers/CpuDxe/Arm/Mmu.c
M ArmPkg/Include/Chipset/ArmV7Mmu.h
Log Message:
-----------
ArmPkg/CpuDxe ARM: Fix page-to-section attribute conversion
The section-to-page attribute conversion takes the shareability and
execute-never attributes into account, whereas the page-to-section
counterpart does not. The result is that GetMemoryRegionPage () -which
takes a section attribute argument (via *RegionAttributes) that is
ostensibly based on the first page in the range, but differs from the
actual page attributes when converted back- may return with a
RegionLength of zero. This is incorrect, and confuses code that scans a
region by calling GetMemoryRegion () in sequence.
So fix the conversion, and ASSERT () on a non-zero region length.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: 28dce5b130f75750bae4b5643dc57bea1aefd30c
https://github.com/tianocore/edk2/commit/28dce5b130f75750bae4b5643dc57bea1aefd30c
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmPkg/Drivers/CpuDxe/Arm/Mmu.c
M ArmPkg/Include/Chipset/ArmV7Mmu.h
M ArmPkg/Library/ArmLib/Arm/ArmV7Support.S
M ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibConvert.c
M ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c
Log Message:
-----------
ArmPkg/ArmMmuLib ARM: Isolate the access flag from AP mask
Split the ARM permission fields in the short descriptors into an access
flag and AP[2:1] as per the recommendation in the ARM ARM. This makes
the access flag available separately, which allows us to implement
EFI_MEMORY_RP memory analogous to how it will be implemented for
AArch64.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: 041c7a31c2213844a7a30dd57205bae2f754a5bb
https://github.com/tianocore/edk2/commit/041c7a31c2213844a7a30dd57205bae2f754a5bb
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c
Log Message:
-----------
ArmPkg/ArmMmuLib ARM: Clear individual permission bits
Currently, the MMU code that is supposed to clear the RO or XP
attributes from a region just clears both unconditionally. This
approximates the desired behavior to some extent, but it does mean that
setting the RO bit first on a code region, and then clearing the XP bit
results both RO and XP being cleared, and we end up with writable code,
and avoiding that is the point of all these protections.
Once we introduce RP support, this will only get worse, so let's fix
this up, by reshuffling the attribute update code to take the entry mask
from the caller, and use the mask to preserve other attributes when
clearing RO or XP.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: 6b821be1407c46950a2d334e5a240ea5ba47d416
https://github.com/tianocore/edk2/commit/6b821be1407c46950a2d334e5a240ea5ba47d416
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c
M ArmPkg/Include/Library/ArmMmuLib.h
M ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
M ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c
Log Message:
-----------
ArmPkg/ArmMmuLib: Implement EFI_MEMORY_RP using access flag
Implement support for read-protected memory by wiring it up to the
access flag in the page table descriptor. The resulting mapping is
implicitly non-writable and non-executable as well, but this is good
enough for implementing this attribute, as we never rely on write or
execute permissions without read permissions.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: f07a9df9af60ad0afa9107cb582f4103cdcda1bc
https://github.com/tianocore/edk2/commit/f07a9df9af60ad0afa9107cb582f4103cdcda1bc
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmVirtPkg/ArmVirt.dsc.inc
Log Message:
-----------
ArmVirtPkg: Enable stack guard
Enable the stack guard in ArmVirtPkg builds, so that stack overflows are
caught as they occur, rather than when they happen to hit a read-only
memory region.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: ae2c904c3de9d42b70805e42c687de874a5c6d25
https://github.com/tianocore/edk2/commit/ae2c904c3de9d42b70805e42c687de874a5c6d25
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
M ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c
Log Message:
-----------
ArmPkg/ArmMmuLib: Avoid splitting block entries if possible
Currently, the ARM MMU page table logic will break down any block entry
that overlaps with the region being mapped, even if the block entry in
question is using the same attributes as the new region.
This means that creating a non-executable mapping inside a region that
is already mapped non-executable at a coarser granularity may trigger a
call to AllocatePages (), which may recurse back into the page table
code to update the attributes on the newly allocated page tables.
Let's avoid this, by preserving the block entry if it already covers the
region being mapped with the correct attributes.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: f4a6f63999a1de2f1cca002db0624c14b22c9b05
https://github.com/tianocore/edk2/commit/f4a6f63999a1de2f1cca002db0624c14b22c9b05
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c
M ArmPkg/Drivers/CpuDxe/Arm/Mmu.c
M ArmPkg/Drivers/CpuDxe/CpuDxe.h
Log Message:
-----------
ArmPkg/CpuDxe: Expose unified region-to-EFI attribute conversion
In preparation for introducing an implementation of the EFI memory
attributes protocol that is shared between ARM and AArch64, unify the
existing code that converts a page table descriptor into a
EFI_MEMORY_xx bitfield, so it can be called from the generic code.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: b977956a6cebebd18d2140036770e201842e5483
https://github.com/tianocore/edk2/commit/b977956a6cebebd18d2140036770e201842e5483
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
A MdePkg/Include/Protocol/MemoryAttribute.h
M MdePkg/MdePkg.dec
Log Message:
-----------
MdePkg: Add Memory Attribute Protocol definition
Add the Memory Attribute Protocol definition, which was adopted and
included in version 2.10 of the UEFI specification.
Link: https://bugzilla.tianocore.org/show_bug.cgi?id=3519
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Liming Gao <gaolim...@byosoft.com.cn>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: 1c4dfadb4611ef511816dfdfbdb37d7d100b5a4b
https://github.com/tianocore/edk2/commit/1c4dfadb4611ef511816dfdfbdb37d7d100b5a4b
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmPkg/Drivers/CpuDxe/CpuDxe.c
M ArmPkg/Drivers/CpuDxe/CpuDxe.h
M ArmPkg/Drivers/CpuDxe/CpuDxe.inf
A ArmPkg/Drivers/CpuDxe/MemoryAttribute.c
Log Message:
-----------
ArmPkg/CpuDxe: Implement EFI memory attributes protocol
Expose the protocol introduced in v2.10 that permits the caller to
manage mapping permissions in the page tables.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: 852227a9d52e3cb95fc34841f63eb3a3209a6726
https://github.com/tianocore/edk2/commit/852227a9d52e3cb95fc34841f63eb3a3209a6726
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmPkg/Include/Chipset/ArmV7Mmu.h
M ArmPkg/Include/Library/ArmLib.h
M ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
M ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c
Log Message:
-----------
ArmPkg/Mmu: Remove handling of NONSECURE memory regions
Non-secure memory is a distinction that only matters when executing code
in the secure world that reasons about the secure vs non-secure address
spaces. EDK2 was not designed for that, and the AArch64 version of the
MMU handling library already treats them as identical, so let's just
drop the ARM memory region types that mark memory as 'non-secure'
explicitly.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: b05523a4e9d38ec44611f8a292a061f3f992ed14
https://github.com/tianocore/edk2/commit/b05523a4e9d38ec44611f8a292a061f3f992ed14
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmPkg/Include/Library/ArmLib.h
M ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
M ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c
Log Message:
-----------
ArmPkg/ArmMmuLib: Introduce region types for RO/XP WB cached memory
To prepare for the enablement of booting EFI with the SCTLR.WXN control
enabled, which makes all writeable memory regions non-executable by
default, introduce a memory type that we will use to describe the flash
region that carries the SEC and PEIM modules that execute in place. Even
if these are implicitly read-only due to the ROM nature, they need to be
mapped with read-only attributes in the page tables to be able to
execute from them.
Also add the XP counterpart which will be used for all normal DRAM right
at the outset.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Commit: 16e0969ef775b898ac700f3261d76030b8ab9ef0
https://github.com/tianocore/edk2/commit/16e0969ef775b898ac700f3261d76030b8ab9ef0
Author: Ard Biesheuvel <a...@kernel.org>
Date: 2023-03-16 (Thu, 16 Mar 2023)
Changed paths:
M ArmVirtPkg/ArmVirtQemu.dsc
Log Message:
-----------
ArmVirtPkg/ArmVirtQemu: Use PEI flavor of ArmMmuLib for all PEIMs
The PEI flavor of the ArmMmuLib will install a HOB that exposes its
implementation of the special helper routine that is used to update live
entries, so that other instantiations of ArmMmuLib can invoke it. This
is needed to ensure that splitting page tables using break-before-make
(BBM) does not unmap the code that is performing the split.
However, the BASE variety of ArmMmuLib discovers the HOB and sets a
global pointer to refer to it, which is not possible in PEIMs, and so
all PEIMs must use the PEI variety of this library if one does.
Signed-off-by: Ard Biesheuvel <a...@kernel.org>
Reviewed-by: Leif Lindholm <quic_llind...@quicinc.com>
Compare: https://github.com/tianocore/edk2/compare/997c6967b00c...16e0969ef775
_______________________________________________
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
